fixed a potential segfault condition with $AllowedSender directive

On HUP, the root pointers were not properly cleaned up. Thanks to
Michael Biebel, olgoat, and Juha Koho for reporting and analyzing
the bug.

2 files changed, 33 insertions, 0 deletions

diff --git a/ChangeLog b/ChangeLog
index 1abdb9ca..cf7f0ef2 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+- fixed a potential segfault condition with $AllowedSender directive
+  On HUP, the root pointers were not properly cleaned up. Thanks to
+  Michael Biebel, olgoat, and Juha Koho for reporting and analyzing
+  the bug.
 - some legacy options were not correctly processed.
   Thanks to varmojfekoj for the patch.
 - doc bugfix: some spelling errors in man pages corrected. Thanks to
diff --git a/net.c b/net.c
index 54d162bf..788d5412 100644
--- a/net.c
+++ b/net.c
@@ -105,6 +105,30 @@ setAllowRoot(struct AllowedSenders **ppAllowRoot, uchar *pszType)
 finalize_it:
 	RETiRet;
 }
+/* re-initializes (sets to NULL) the correct allow root pointer
+ * rgerhards, 2009-01-12
+ */
+static inline rsRetVal
+reinitAllowRoot(uchar *pszType)
+{
+	DEFiRet;
+
+	if(!strcmp((char*)pszType, "UDP"))
+		pAllowedSenders_UDP = NULL;
+	else if(!strcmp((char*)pszType, "TCP"))
+		pAllowedSenders_TCP = NULL;
+#ifdef USE_GSSAPI
+	else if(!strcmp((char*)pszType, "GSS"))
+		pAllowedSenders_GSS = NULL;
+#endif
+	else {
+		dbgprintf("program error: invalid allowed sender ID '%s', denying...\n", pszType);
+		ABORT_FINALIZE(RS_RET_CODE_ERR); /* everything is invalid for an invalid type */
+	}
+
+finalize_it:
+	RETiRet;
+}
 
 
 /* Code for handling allowed/disallowed senders
@@ -214,6 +238,11 @@ clearAllowedSenders(uchar *pszType)
 			free(pPrev->allowedSender.addr.NetAddr);
 		free(pPrev);
 	}
+
+	/* indicate root pointer is de-init (was forgotten previously, resulting in
+	 * all kinds of interesting things) -- rgerhards, 2009-01-12
+	 */
+	reinitAllowRoot(pszType);
 }